Beware of COVID-19 eCommerce Scams and Malware

2020-03-26

Within a matter of two weeks, COVID-19 (aka, the coronavirus) has gone from an obscure problem in foreign lands to a major pandemic, with cases now reported in all 50 states. Indeed, even though we are still in the early days of the COVID-19 scare in the United States, this illness has already proven to be one of the most impactful events to hit our country since 9/11. Sadly, any major crisis in modern times also brings an abundance of opportunities for computer hackers

Opportunities For Computer Hackers

. Perhaps not surprisingly, cybercrime experts are already ruminating on an apparent tie between the sale of products related to coronavirus and an interactive dashboard that tracks infections and deaths resulting from the disease. Specifically, it appears that the dashboard is being used by computer hackers as a vehicle for spreading password-stealing malware.

The reasons for this are technical, but not terribly complex. The COVID-19 dashboard is a Java-based map that can be sent via email and easily installed on websites. These types of applications work by using .jar files to load the malware on any computer or device that runs javascript. Once your device is infiltrated, hackers can spy on you through your cameras and microphones, and can even read any text messages that you send or receive.

As if that’s not scary enough, federal law enforcement authorities believe that this is just the tip of the iceberg. While they’ve already seen a myriad of scams — including text messages promising free iPhones in the wake of the coronavirus — many, many more are believed to be in the works. Unfortunately, computer hackers know that most Americans will be distracted by the spread of the virus itself, which will lead them to be less diligent about other potential threats.

Exploiting American Consumers Over Products Like Toilet Paper

For example, Americans have been scrambling to purchase products like toilet paper, paper towels, sanitizing hand wash, and the like. The resultant shortages are not just an inconvenience for families and businesses, they also create opportunities for foreign hackers to exploit American consumers. Indeed, given that countries like Russia, North Korea, China, and Iran are not in love with the United States, you can rest assured exploitation of the perceived shortage of products will escalate scams in the coming days.

So, what can American consumers do to avoid these computer hackers and the scams they perpetrate? For one thing, it is important to remain diligent about the wholesale nature of this pandemic. Although the origin of this crisis is biological, the wholesale exposure of our citizens is on display for the world. Thus, the first thing we can do is recognize our extreme vulnerability to cyber attacks in this difficult time.

Tips for your safety

From a practical perspective, that means the following:

Be more careful than usual about opening links you receive by text or email — especially if they are related to the coronavirus;

Recognize that “disease-trackers,” even from legitimate sources, may be used as pathways for malware — while you can tell your loved ones about them, don’t send them via email/text/messenger or post them to your own website;

Be wary of price-gouging in the online sale of “shortage” items like toilet paper (or any other items that consumers seem to be hoarding in the early days of this pandemic);

Report blatant examples of price-gouging and other exploitation of consumers (currently, most states’ attorney generals have hotlines for these abuses);

If your computer is acting more sluggish than usual (a potential sign that it has been infected by malware), be very cautious about using bank passwords or other sensitive passwords until you’ve had your computer checked by a professional; and

Generally, just be more aware than normal of the potential for cyber attacks and other computer scams.

We will keep on top of future hacks and scams as they evolve and will report them to you quickly. For now, however, all Americans would be wise to simply exercise an added degree of caution when doing anything online — especially if it is related to the outbreak of COVID-19.